Oliver Kurth [Wed, 27 Feb 2019 22:39:58 +0000 (14:39 -0800)]
Remove dead code in vmtoolsConfig.c
There is a lot code in vmtoolsConfig.c that handles the 'tools upgrades'
from legacy tools versions.
But as per
https://docs.vmware.com/en/VMware-Tools/10.1/rn/vmware-tools-1010-release-notes.html#installupgrade,
legacy tools versions (prior to 9.4.x) must be first upgraded to 10.1.0 before
upgrading to the latest tools versions. Hence, removed all the code which is
no longer applicable for the 'latest tools version'.
Oliver Kurth [Wed, 27 Feb 2019 22:39:57 +0000 (14:39 -0800)]
Tools Vix Plugin: minor cleanup remove unnecessary undefs
A minor cleanup remove unnecessary undefs and fixing a misspelling in
a function header. The function header somehow got removed from the
previous clean up so here it is again anyway, with the addition of the
spelling correction.
Oliver Kurth [Wed, 27 Feb 2019 22:39:57 +0000 (14:39 -0800)]
Linux DeployPkg should provide a configurable timeout for the spanning
customization process.
Change the upper limit of the timeout value in tools.conf to 3600 instead
of MAX_UINT16. Revise the log message displayed when an invalid value
is configured in tools.conf.
Oliver Kurth [Wed, 27 Feb 2019 22:39:55 +0000 (14:39 -0800)]
GCC 9 caught several misaligned accesses and a format overflow.
GCC 9 generated several instances of "Werror=address-of-packed-member"
in HGFS Fuse support code and hgfsmounter. There is also one instance of
"Werror=format-overflow" generated in util_misc.c.
According to stackoverflow discussion -
https://stackoverflow.com/questions/8568432/is-gccs-attribute-packed-pragma-pack-unsafe,
x86 hardware handles misaligned access and does not exhibit any real
issues. However, GCC 9 generates misaligned access warning
("Werror=address-of-packed-member) for all architectures. In case of
open-vm-tools build we treat warnings as errors and also we want code
to be as portable as possible in general unless there is a reason not
to do so.
Oliver Kurth [Tue, 19 Feb 2019 20:51:33 +0000 (12:51 -0800)]
Hgfs Server Manager Tools: fix a memory leak
The Hgfs server manager interface assumes that it is called only once
for each application that uses it. However, in the tools services there
are multiple clients. Hence, the initialization is done multiple times
and causes the previous initializations which allocate resources to be
overwritten and lost. Thus memory is being leaked.
Initialize the policy shares once on the first register and cleanup
the policy shares on final unregister by introducing a reference count.
The channel is already reference counted and initializes the channel once.
However it is necessary to call the channel init on each register
and exit on each unregister as it saves a channel reference in the data manager
object passed to it by the caller for subsequent retrieval.
Add an additional log to the policy init and cleanup calls for tracking purposes.
Oliver Kurth [Tue, 19 Feb 2019 20:51:32 +0000 (12:51 -0800)]
Fix the missing IP aliases in the guest info.
IP aliases were missing in the guest info when libdnet is not used.
Previously tried to use the MAC address as the key to identify the IP aliases
on Linux. However, that didn't work for vlan devices which share the same
MAC as the parent NIC. The previous attempt was backed out.
Ideally, need to find a way to map the label name to the NIC name, but
have not been able to find a simple solution for this. There might be a
netlink based solution but it is way too costly to do.
After more investigation, found out that a valid IP alias name must start
with the original NIC name followed by a colon. Even though the ip addr allows
any string as the start of the NIC name, configuration file requires the colon.
In addition, ifconfig would error out when the name is not of the standard:
ens192wwwww: error fetching interface information: Device not found
Therefore, a correctly configured system should use eth0:1, ens192:2 etc.
A lookup of libdnet source revealed the same assumption in the libdnet code.
/* Get addresses for this interface. */
for (ifr = intf->ifc.ifc_req; ifr < lifr && (ap + 1) < lap;
ifr = NEXTIFR(ifr)) {
/* XXX - Linux, Solaris ifaliases */
if ((p = strchr(ifr->ifr_name, ':')) != NULL)
*p = '\0';
Therefore, doing just the same. Look for the colon, then trim it, and then
compare it with the NIC name.
Oliver Kurth [Tue, 19 Feb 2019 20:51:32 +0000 (12:51 -0800)]
GuestOS: Improve the guest OS identification code
Now that we often have an explicit, unambiguous version string for
a distro, use it. In the rare case we don't have one, search the
distro string for a digit and use that. If we can't find anything,
note this and let the code fall into the default appropriate to the
distro.
With this change, we stop using strings and so are no longer confused
by things like "7.5". For a few of the distros, we now no longer care
about the upper bound, we can report what we find. Anything above what
the release supports will be fixed by the GuestMapper.
Oliver Kurth [Tue, 19 Feb 2019 20:51:32 +0000 (12:51 -0800)]
Fix the missing IP aliases in the guest info.
IP aliases were missing in the guest info when the libdnet is not used.
ESX does not seem to support IP aliases, so the ESX code path is kept logically
the same as before.
On Linux, for each IP entry, get the label name, and use ioctl to get its MAC.
Use the MAC to match the current device MAC.
The getifaddrs() call ensures that the ifa_name is not NULL, so there is no
need to check for NULL pointers.
Oliver Kurth [Tue, 19 Feb 2019 20:51:31 +0000 (12:51 -0800)]
Include vmware/tools/log.h to define g_info.
A recent change added a call to g_info from syncManifest.c. This
in turn is causing open-vm-tools builds to fail because g_info is
not available on SLES 12sp1.
To fix the problem, include vmware/tools/log.h in syncManifest.c.
log.h defines g_info as a macro.
Oliver Kurth [Tue, 19 Feb 2019 20:51:31 +0000 (12:51 -0800)]
Always send VMBACKUP_EVENT_GENERIC_MANIFEST during quiesced snapshots.
vSphere 6.7 added a host-side interface that allows VMTools to send
a "generic" backup manifest during a quiesced snapshot on Linux guests.
VMTools 10.2.0 or later tries to notify the host of the backup manifest
file through a vmbackup event message VMBACKUP_EVENT_GENERIC_MANIFEST.
If the host is unable to field the message, then VMTools logs the
failure and then continues with the quiesced snapshot in the older
fashion, without the backup manifest.
An earlier change attempted to reduce the amount of logging done when
running on older hosts that don't support VMBACKUP_EVENT_GENERIC_MANIFEST
by detecting when sending VMBACKUP_EVENT_GENERIC_MANIFEST fails and
not sending the message again for subsequent quiesced snapshots.
However, subsequent stress testing has uncovered problems with this
approach when running on newer hosts; specifically, errors may sometimes
be encountered on newer hosts when sending VMBACKUP_EVENT_GENERIC_MANIFEST.
Therefore this change backs out that earlier change.
Note that the need to solve the problem that that earlier change was
intended to solve has been reduced because support for
VMBACKUP_EVENT_GENERIC_MANIFEST has been backported to vSphere 6.5
P03, which is available, and vSphere 6.0 P08, which is scheduled for
release later this year. ESXi 5.5 is out of general support.
This change also addresses an issue that surfaced when testing on a
host without support for VMBACKUP_EVENT_GENERIC_MANIFEST.
If VMTools fails to send VMBACKUP_EVENT_GENERIC_MANIFEST, the quiesced
snapshot operation will be aborted rather than continuing as it should.
To address this, create a new function, VmBackup_SendEventNoAbort,
which does not abort the quiesced snapshot on failure, and call that
function rather than VmBackup_SendEvent when sending
VMBACKUP_EVENT_GENERIC_MANIFEST.
Oliver Kurth [Tue, 19 Feb 2019 20:51:31 +0000 (12:51 -0800)]
Linux DeployPkg should provide a configurable timeout for the spanning
customization process. Right now it is hard-coded to 100 seconds.
Sources to provide "timeout" value:
1. Clients such as vCenter and SRM can pack timeout value in cab header
via API func "DeployPkg_SetProcessTimeout(uint16 timeout)". this timeout
value will be implemented during the package deployment process.
2. Package deployment engines:
- tools deployPkg plugin:
Add "process-timeout" in tools.conf. The tools deployPkg plugin will use
that value to control the time period of the package deployment.
- linuxDeployPkg:
Add "-t <timeout>" as optional argument in linuxDeployPkg
Usage: ./linuxDeployPkg -d <cabfile> -t <timeout> --skip-reboot
3. Default value in deployPkg is 100s. If both the client and package
deployment engines don't provid this value, then the default value of
100s will be used.
4. The "timeout" value from clients will overwrite the value from the
deployment engines when both of them provid this value.
Oliver Kurth [Tue, 19 Feb 2019 20:51:30 +0000 (12:51 -0800)]
Use the LSB and os-release data to find the best guest identification
Historically, we have the LSB to describe a Linux distro. More
recently, the os-release standard was added. Change our guest
identification code to attempt to use both data - when available - and
make a value judgement as to which is better.
Oliver Kurth [Tue, 19 Feb 2019 20:51:30 +0000 (12:51 -0800)]
[Part 2] GuestLib support for 64bit memory shares.
MEMSCHED_SHARES_MAX is currently set to MAX_PPN and will not fit in
32-bit soon. 'memshares' property which is currently available in GuestSDK
is an unsigned 32bit value. Starting from ESX 7.0, this value is available
only if it can be fit in an unsigned 32-bit data type.
'memShares64' is the new unsigned 64-bit property added in GuestSDK for the
memory shares.
Added necessary APIs to retrieve the memshares64 value. The new API
VMGuestLib_GetMemShares64 will first try to retrieve the memShares64 property.
If the underlying host is an older one, then the API will return the memShares
property.
Updated the vmGuestLibTest code to retrieve and print the new memShares64 value.
Oliver Kurth [Tue, 19 Feb 2019 20:51:30 +0000 (12:51 -0800)]
Update seamless window's copyright year as 1998-2019
1. Changing the COPYRIGHT_YEARS in vm_legal.h to 1998-2019
2. COPYRIGHT_YEARS is used by UTF8_COPYRIGHT_STRING_BASE and
UTF16_COPYRIGHT_STRING for win32 UTF-16 version.
Oliver Kurth [Tue, 19 Feb 2019 20:51:30 +0000 (12:51 -0800)]
[Part 1] GuestLib support for 64bit memory shares.
MEMSCHED_SHARES_MAX is currently set to MAX_PPN and will not fit in 32-bit soon.
Changed the datatype of 'memshares' property to uint64 for the future support.
'memshares' is exposed in GuestLib as unsigned 32-bit value.
Modified the ESX code to set this property only if the vaulue can be fit in
a uint32 type. Else, the value is not set and 'valid' bit set is set to FALSE.
Added a new property "memShares64" (as uint64) in GuestLib for the new
64-bit memory shares.
This CLN implements only the necessary changes on ESX side.
Oliver Kurth [Tue, 19 Feb 2019 20:51:29 +0000 (12:51 -0800)]
Security issue with the intermediate staging directory used for DnD and CnP
Problem:
/tmp/VMwareDnD is a staging directory used for DnD and CnP. It should be
a regular directory, but malicious code or user may create the /tmp/VMwareDnD
as a symbolic link which points to the home directory of the current desktop
user before the staging directory is created. Later when the desktop user
initiates a DnD or CnP operation, the permission of that user's home directory
will be changed allowing the malicious user full access to the desktop user's
home directory.
Solution:
Do not set the permission of the staging directory if that directory already
exists and has the wrong permission. The permission of the directory will
be 1777 if it is created by VMTools. If that is not the case, the directory
has been created or modified by malicious code or user; just cancel the host
to guest DnD or CnP operation.
Oliver Kurth [Wed, 30 Jan 2019 01:24:44 +0000 (17:24 -0800)]
Fix CentOS 7.6 detection
The version information in /etc/centos-release has 3 parts,
in particular for CentOS 7.6:
CentOS Linux release 7.6.1810 (Core)
This was misidentified as CentOS 6 because the substring "6."
was matched before matching "7.". This change fixes this by
requiring a space before the major version.
Oliver Kurth [Wed, 30 Jan 2019 01:24:44 +0000 (17:24 -0800)]
Include vmware/tools/log.h to define g_info.
A recent change added a call to g_info from syncManifest.c. This
in turn is causing open-vm-tools builds to fail because g_info is
not available on SLES 12sp1.
To fix the problem, include vmware/tools/log.h in syncManifest.c.
log.h defines g_info as a macro.
Oliver Kurth [Wed, 30 Jan 2019 01:24:44 +0000 (17:24 -0800)]
Always send VMBACKUP_EVENT_GENERIC_MANIFEST during quiesced snapshots.
vSphere 6.7 added a host-side interface that allows VMTools to send
a "generic" backup manifest during a quiesced snapshot on Linux guests.
VMTools 10.2.0 or later tries to notify the host of the backup manifest
file through a vmbackup event message VMBACKUP_EVENT_GENERIC_MANIFEST.
If the host is unable to field the message, then VMTools logs the
failure and then continues with the quiesced snapshot in the older
fashion, without the backup manifest.
An earlier change attempted to reduce the amount of logging done when
running on older hosts that don't support VMBACKUP_EVENT_GENERIC_MANIFEST
by detecting when sending VMBACKUP_EVENT_GENERIC_MANIFEST fails and
not sending the message again for subsequent quiesced snapshots.
However, subsequent stress testing has uncovered problems with this
approach when running on newer hosts; specifically, errors may sometimes
be encountered on newer hosts when sending VMBACKUP_EVENT_GENERIC_MANIFEST.
Therefore this change backs out that earlier change.
Note that the need to solve the problem that that earlier change was
intended to solve has been reduced because support for
VMBACKUP_EVENT_GENERIC_MANIFEST has been backported to vSphere 6.5
P03, which is available, and vSphere 6.0 P08, which is scheduled for
release later this year. ESXi 5.5 is out of general support.
This change also addresses an issue that surfaced when testing on a
host without support for VMBACKUP_EVENT_GENERIC_MANIFEST.
If VMTools fails to send VMBACKUP_EVENT_GENERIC_MANIFEST, the quiesced
snapshot operation will be aborted rather than continuing as it should.
To address this, create a new function, VmBackup_SendEventNoAbort,
which does not abort the quiesced snapshot on failure, and call that
function rather than VmBackup_SendEvent when sending
VMBACKUP_EVENT_GENERIC_MANIFEST.
Oliver Kurth [Tue, 29 Jan 2019 22:03:19 +0000 (14:03 -0800)]
Fix possible security issue with the permissions of the intermediate
staging directory and path
/tmp/VMwareDnD is a staging directory used for DnD and CnP. It should be
a regular directory, but malicious code or user may create the /tmp/VMwareDnD
as a symbolic link which points elsewhere on the system. This may provide
user access to user B's files.
Do not set the permission of the root directory if the root directory
already exists and has the wrong permission. The permission of the directory
must be 1777 if it is created by the VMToolsi. If not, then the directory
has been created or modified by malicious code or user, so just cancel the
host to guest DnD or CnP operation.
Oliver Kurth [Tue, 29 Jan 2019 22:03:19 +0000 (14:03 -0800)]
Bail out vmtoolsd early when there are RPC errors.
VMX state machine could give up quiescing operation for various
reasons when vmtoolsd is busy performing necessary state transitions.
Once VMX gives up quiescing operation, there is no point in
vmtoolsd continuing with it. vmtoolsd should also give up the
operation asap. vmtoolsd can detect VMX state machine change
when it gets errors sending VMBACKUP_PROTOCOL_EVENT_SET RPC.
RPC errors are only used as a trigger to abort the operation.
We ignore the RPC errors that might occur after aborting the
operation.
Oliver Kurth [Tue, 29 Jan 2019 22:03:19 +0000 (14:03 -0800)]
Don't send a backup manifest when aborting a Linux quiesced snapshot.
When taking a Linux quiesced snapshot, communication failures between
VMX and VMTools may result in VMTools sending a genericManifest event
message after the quiesced snapshot operation has been aborted. If
this happens, VMX will send an error back to VMTools, which in turn
causes VMTools not to send genericManifest messages on subsequent
quiesced snapshots even if the host supports such messages.
One aspect of the implementation that gives rise to this behavior is
the use of the sync provider's snapshotDone function to undo a
quiescing operation. Specifically, if VMTools aborts a quiesced
snapshot when the file system is quiesced, the quiescing must be
undone. Currently, this is handled by calling the sync provider's
snapshotDone function. This is the same function that is called to
complete the quiescing snapshot protocol when it is successful. In
some respects this makes sense, since in either case snapshotDone
unquiesces the file system. However, architecturally and conceptually,
it seems useful to distinguish between the action to be taken in the
successful case versus the aborting case. It's also useful to do so
in practice, because the successful case sends the genericManifest
event to notify the host there is a backup manifest file, while the
aborting case should not do that.
To address the issue, add an "undo" function for the Linux sync
provider. The undo function is called instead of snapshotDone as
part of aborting a quiesced snapshot in which the file system is
quiesced at the time of the abort.
Oliver Kurth [Tue, 29 Jan 2019 22:03:18 +0000 (14:03 -0800)]
General code clean-up.
bora/lib/misc/posixPosix.c:
Treat local variables "len" consistently as "size_t" type in
Posix_Getmntent_r()
bora-vmsoft/apps/toolbox-cmd/toolboxcmd-shrink.c:
Improve readability of error handling logic in ShrinkDoWipeAndShrink()
and remove another line of dead code.
bora-vmsoft/lib/procMgr/procMgrPosix.c:
Recent discussions about setting "errno" to ENOENT when either
getpwuid_r() or getpwnam_r() return 0 (success) if there is no passwd
entry for the user have vacillated.
Since none of the current callers of the routines in procMgrPosix.c
query the contents of "errno", the current consensus is to simply log
a warning message along with reason for the failure.
Oliver Kurth [Tue, 29 Jan 2019 22:03:18 +0000 (14:03 -0800)]
Fix NULL pointer dereference and remove three lines of dead code.
QbitLogic has run [Code]Ai on the open-vm-tools source code and
and notified VMware of a potential NULL pointer reference and four
pieces of dead code.
See https://github.com/vmware/open-vm-tools/pull/247
bora-vmsoft/services/vmtoolsd/pluginMgr.c
The proposed fix conditionally emitted a log message. That fix has
been reworked to consistently emit a log message with conditional
content.
bora/lib/misc/posixPosix.c
bora-vmsoft/apps/toolbox-cmd/toolboxcmd-shrink.c
Remove one line of dead code from each source file.
bora-vmsoft/lib/procMgr/procMgrPosix.c:
Suggested dead code fix actually pointed to a bug where errno
was not getting updated as intended.
bora-vmsoft/services/plugins/guestInfo/perfMonLinux.c:
Suggested dead code is no longer dead; change not applicable.
projects / thirdparty / open-vm-tools.git / log
